Stackarmour

SecDevOps

Businesses are looking to accelerate the delivery of production quality software with fewer defects, and better security. Continuous Integration/Continuous Deployment (CI/CD) also known as DevOps is a rapidly maturing practice for reducing the time and effort it takes to test and deploy code into production. The rapid automation of the integration and deployment activities is common especially on cloud-based platforms. Adding security testing into the DevOps pipeline can help address the needs of regulated, compliance and public sector focused organizations. Tools such as Yasca, SonarQube, and OpenSCAP amongst others when integrated with vulnerability scanners such as Tenable Nessus, HP Fortify and others provide a robust SecDevOps implementation. The diagram below demonstrates a Continuous Delivery Pipeline.

stackarmordevops1

 

The latest proven open source technologies such as Docker, Jenkins, and Vagrant, are used to isolate development dependencies. The Linux Containers inside Docker use Linux.  This allows an increased efficiency and faster deployments of the application stack, improving the velocity and delivery time of the continuous delivery process. Technologies such as a Nexus repository manager allow developers save time and provide greater security by installing from a local cache for all their artifacts instead of going out to the central Maven repository.  This makes it easier to manage various versions of dependencies, preventing things like version collisions. The diagram below demonstrates the build automation process.

stackarmordevops2

stackArmor’s DevOps engineers have full-stack expertise that includes cloud and infrastructure orchestration using technologies such as Chef, Ansible and Puppet.

Learn more about Secure DevOps and download our white paper from the resources section or read our blog.

Secure DevOps for FedRAMP Compliant Cloud

Free Consultation

Are you interested in a Free consultation with a stackArmor Solutions Architect on how you take advantage of Container, PaaS using CloudFoundry or Serverless achitecture patterns to accelerate your Developer productivity? We can help review your workload requirements, and also assist with DevOps pipeline implementation. Schedule a a free consultation with a stackArmor DevOps Solutions Architect by sending us an email at solutions at stackarmor.com or fill our contact us form or call us at 888-964-1644.